Accélérez le déploiement de SASE grâce à la série "SASE Week Backstage". Explorer les sessions

fermer
fermer
  • Pourquoi Netskope signe chevron

    Changer la façon dont le réseau et la sécurité fonctionnent ensemble.

  • Nos clients signe chevron

    Netskope sert plus de 3 400 clients dans le monde, dont plus de 30 entreprises du Fortune 100

  • Nos partenaires signe chevron

    Nous collaborons avec des leaders de la sécurité pour vous aider à sécuriser votre transition vers le cloud.

Un Leader du SSE.
Et maintenant un Leader du SASE à fournisseur unique.

Découvrez pourquoi Netskope a été classé parmi les leaders de l'édition 2024 du Gartner® Magic Quadrant™️ pour le Secure Access Service Edge à fournisseur unique.

Recevoir le rapport
Pleins feux sur les clients visionnaires

Découvrez comment des clients innovants naviguent avec succès dans le paysage évolutif de la mise en réseau et de la sécurité d’aujourd’hui grâce à la plateforme Netskope One.

Obtenir l'EBook
Pleins feux sur les clients visionnaires
La stratégie de commercialisation de Netskope privilégie ses partenaires, ce qui leur permet de maximiser leur croissance et leur rentabilité, tout en transformant la sécurité des entreprises.

En savoir plus sur les partenaires de Netskope
Groupe de jeunes professionnels diversifiés souriant
Votre réseau de demain

Planifiez votre chemin vers un réseau plus rapide, plus sûr et plus résilient, conçu pour les applications et les utilisateurs que vous prenez en charge.

Obtenir le livre blanc
Votre réseau de demain
Présentation de la plate-forme Netskope One

Netskope One est une plate-forme cloud native qui offre des services de sécurité et de mise en réseau convergents pour faciliter votre transformation SASE et Zero Trust.

En savoir plus sur Netskope One
Abstrait avec éclairage bleu
Adopter une architecture SASE (Secure Access Service Edge)

Netskope NewEdge est le nuage privé de sécurité le plus grand et le plus performant au monde. Il offre aux clients une couverture de service, des performances et une résilience inégalées.

Découvrez NewEdge
NewEdge
Netskope Cloud Exchange

Le Netskope Cloud Exchange (CE) fournit aux clients des outils d'intégration puissants pour optimiser les investissements dans l'ensemble de leur infrastructure de sécurité.

En savoir plus sur Cloud Exchange
Aerial view of a city
La plateforme du futur est Netskope

Intelligent Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG), et Private Access for ZTNA intégrés nativement dans une solution unique pour aider chaque entreprise dans son cheminement vers l'architecture Secure Access Service Edge (SASE).

Présentation des produits
Vidéo Netskope
Next Gen SASE Branch est hybride - connectée, sécurisée et automatisée

Netskope Next Gen SASE Branch fait converger Context-Aware SASE Fabric, Zero-Trust Hybrid Security et SkopeAI-Powered Cloud Orchestrator dans une offre cloud unifiée, ouvrant la voie à une expérience de succursale entièrement modernisée pour l'entreprise sans frontières.

En savoir plus Next Gen SASE Branch
Personnes au bureau de l'espace ouvert
La conception d'une architecture SASE pour les nuls

Obtenez votre exemplaire gratuit du seul guide consacré à la conception d'une architecture SASE dont vous aurez jamais besoin.

Obtenir l'EBook
Optez pour les meilleurs services de sécurité cloud du marché, avec un temps de latence minimum et une fiabilité élevée.

Découvrez NewEdge
Autoroute éclairée traversant des lacets à flanc de montagne
Permettez en toute sécurité l'utilisation d'applications d'IA générative grâce au contrôle d'accès aux applications, à l'accompagnement des utilisateurs en temps réel et à une protection des données de premier ordre.

Découvrez comment nous sécurisons l'utilisation de l'IA générative
Autorisez ChatGPT et l’IA générative en toute sécurité
Solutions Zero Trust pour les déploiements du SSE et du SASE

En savoir plus sur la confiance zéro
Bateau roulant en pleine mer
Netskope obtient l'autorisation FedRAMP High Authorization

Choisissez Netskope GovCloud pour accélérer la transformation de votre agence.

En savoir plus sur Netskope GovCloud
Netskope GovCloud
  • Ressources signe chevron

    Découvrez comment Netskope peut vous aider à sécuriser votre migration vers le Cloud.

  • Blog signe chevron

    Découvrez comment Netskope permet la transformation de la sécurité et de la mise en réseau grâce à l'accès sécurisé à la périphérie des services (SASE).

  • Événements et ateliers signe chevron

    Restez à l'affût des dernières tendances en matière de sécurité et créez des liens avec vos pairs.

  • Définition de la sécurité signe chevron

    Tout ce que vous devez savoir dans notre encyclopédie de la cybersécurité.

Podcast Security Visionaries

L'avenir de la sécurité : Quantum, IA et changements macropolitiques
Emily Wearmouth et Max Havey s'entretiennent avec Sanjay Beri, PDG de Netskope, et Krishna Narayanaswamy, directeur technique, sur l'avenir de la sécurité.

Écouter le podcast Parcourir tous les podcasts
L'avenir de la sécurité : Quantum, IA et changements macropolitiques
Derniers blogs

Découvrez comment Netskope peut faciliter le parcours Zero Trust et SASE grâce à des capacités d'accès sécurisé à la périphérie des services (SASE).

Lire le blog
Lever de soleil et ciel nuageux
SASE Week 2024 A la demande

Apprenez à naviguer dans les dernières avancées en matière de SASE et de confiance zéro et découvrez comment ces cadres s'adaptent pour répondre aux défis de la cybersécurité et de l'infrastructure.

Explorer les sessions
SASE Week 2024
Qu'est-ce que SASE ?

Découvrez la future convergence des outils réseau et sécurité dans le modèle économique actuel, dominé par le cloud.

En savoir plus sur SASE
  • Entreprise signe chevron

    Nous vous aidons à conserver une longueur d'avance sur les défis posés par le cloud, les données et les réseaux en matière de sécurité.

  • Carrières signe chevron

    Join Netskope's 3,000+ amazing team members building the industry’s leading cloud-native security platform.

  • Solutions pour les clients signe chevron

    Nous sommes là pour vous et avec vous à chaque étape, pour assurer votre succès avec Netskope.

  • Formation et accréditations signe chevron

    Avec Netskope, devenez un expert de la sécurité du cloud.

Soutenir le développement durable par la sécurité des données

Netskope est fière de participer à Vision 2045 : une initiative visant à sensibiliser au rôle de l'industrie privée dans le développement durable.

En savoir plus
Soutenir le développement durable grâce à la sécurité des données
Contribuez à façonner l'avenir de la sécurité du cloud

At Netskope, founders and leaders work shoulder-to-shoulder with their colleagues, even the most renowned experts check their egos at the door, and the best ideas win.

Rejoignez l’équipe
Carrières chez Netskope
L’équipe de services professionnels talentueuse et expérimentée de Netskope propose une approche prescriptive pour une mise en œuvre réussie.

En savoir plus sur les services professionnels
Services professionnels Netskope
Sécurisez votre parcours de transformation numérique et tirez le meilleur parti de vos applications cloud, Web et privées grâce à la formation Netskope.

En savoir plus sur les formations et les certifications
Groupe de jeunes professionnels travaillant

Fishtech Labs’ Jeff Doyle on the Cloud Ramp Framework, The importance of interoperability, and why we should deesign for failure

Jun 01 2016
Tags
Cloud Best Practices
Cloud Security

Below is a casual, informative interview with Jeff Doyle, VP of Research at our partner, Fishtech Labs. For those who don’t know Fishtech, they’re a technology accelerator focused on security and networking and with a lot of expertise in the cloud. Their leadership comprises many of the leaders from Fishnet Security, which you may know merged with Accuvant last year and became Optiv. Fishtech recently released its Certified Cloud Ramp Framework (CRF), of which Netskope is the Cloud Access Security Broker of target technologies facilitating Fishtech’s new cloud migration and operating model. I caught up with Jeff last week to understand his views and thinking behind the CRF.

Jamie: What is Fishtech’s goal with this framework?

Jeff: I think there are a couple of ways to look at this framework. First, our intention was to give customers a proven, tested migration path to the cloud. People talk a lot about migrating to the cloud, and what the business benefits and risks of cloud are, but there’s a real gap in the conversation about how to get there.

We want to help our customers come up with not just a methodology or architecture, but a tested path and integrated operating model. We want to help them ensure that what they’re creating isn’t a snowflake, or one-off architectural approach. The more they custom-build their cloud infrastructure, the more one-off their ongoing operations become. That’s not efficient for anyone. We also want to help them ensure that the architecture they choose is well-vetted against their requirements, in the market, and also in our own labs. This way they know fully what they need, what they’re getting with the components they are choosing, and what to expect from the overall solution.

Moreover, while our customers have a good set of tools for operating in a physical environment, as they move into cloud those tools may not be well suited or are less relevant. Besides helping them identify new gaps based on their business requirements, we want to help them ensure they’re not force-fitting tools into their environment because they solve an immediate need but instead to look at the overall set of tools that work together, are well suited for their needs, and are made for cloud environments.

Getting a little more brass-tacks, we have four goals for addressing our customers’ needs:

  1. Help them achieve operational efficiency with the cloud services they’re using and the way they secure them.
  2. Provide them visibility so they understand their cloud environment, usage, and data.
  3. Enable them to control data sprawl to corral and protect sensitive or regulated data.
  4. Help them build business continuity into their overall model, an overall objective of cloud but one that’s not always thought about in the security context.

Jamie: What are some of the core requirements in your mind as Fishtech came up with this framework?

Jeff: One thing to note about this framework is that we try to steer customers from choosing a single solution in a vacuum and without looking at or thinking about their architecture as a whole. Even if they sequence their technology purchases one at a time, we encourage them to think from an overall architecture point-of-view based on their business requirements and where they’re going. So when they evaluate a particular tool (or we evaluate it on their behalf), besides looking at the goals of the product, does the tool fit the overall architecture. This is key for cloud migration so essential pieces don’t get left behind.

An important part of ensuring this is our own labs. When we say these solutions are vetted or proven, the whole idea is that we’ve taken selected and carefully chosen technology partners like Netskope and looked at not just what the solution does, but how well it works with all of the other elements within an architecture. We’re testing in our lab and even eating our own dog food by using that architecture as Fishtech Labs!

Jamie: What technologies did you select and why?

Jeff: We took a hard look at what was needed for organizations to consume cloud services securely. Those elements include Cloud Access Security Broker (CASB), Single Sign On (SSO), Data Loss Prevention (DLP), endpoint security, micro-segmentation capabilities, network security, next-generation firewall, orchestration, provisioning, software-defined WAN (SDWAN), security information and event management (SIEM), threat detection, and visualization. We also incorporate cloud providers themselves, such as Amazon Web Services and Microsoft Azure.

We chose those technologies based on the kinds of services our customers have, how well they support them as well as interoperate with them, and finally, how well they interoperate with each other. Take, for example, our environment, which looks a lot like those of our cloud-consuming customers. We use Office 365 apps like SharePoint and OneDrive, as well as Salesforce.com for CRM, Citrix GoToMeeting for collaboration, and Paycor for our HR payroll processing. For SSO, we chose the service that best helped us manage secure access to those apps and also worked well with the other vendors, which turned out to be Okta. Similarly, we chose TITUS because of its robust data classification capabilities and because it integrated well with the rest of the vendors we see often. For CASB, Netskope was a good fit because of its deep cloud app activity monitoring and advanced cloud DLP capabilities. Seeing Netskope interoperate with Okta, TITUS, and the other vendors like Splunk, Cyphort, and Microsoft Office 365 solidified our choices.

Simply knowing that these products interoperate because they have forged marketing and business development partnerships is one thing, and certainly not sufficient for us at Fishtech. We really dig in and validate this interoperability in our lab. We want the confidence that you get from this tight-knit community – that we’re all working together toward our customers’ goals.

Beyond verifying interoperability, we also look at how successful these technologies are in the market. For example, on the SDWAN front, Viptella is a big partner of ours. They’ve done tremendously well in large environments where flexibility is needed to support a rich set of use cases. Beyond customer base, security is in our DNA. Security and governance are huge elements of everything we do. We don’t look just at a security solution, but the overall cloud solution and how we do every piece of that securely. We rely heavily on the Cloud Security Alliance (CSA) Cloud Controls Matrix and Security Trust & Assurance Registry (STAR), the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) frameworks, as well as the European Union Agency for Network and Information Security (ENISA) models. If you look at our technology evaluation process, you’ll see that these standards influence our thinking a great deal.

Jamie: Tell us a little bit more about how you evaluate technology.

Jeff: One of big challenges our customers face is verifying what is reality out of a vendor’s solution and what is still slideware. The POC becomes a key piece. That’s one of the services we offer beyond our CRF – an independent analysis of how the solution really works. And we try to get beyond the idea of whether the product works as advertised, but really bang on it to know it really well so we can best advise the customer for how to get the most value out of it. Sometimes we actually do find a product that works really well, but just isn’t a fit given the customer’s business objectives.

Here’s an example: We did a project for a customer in which we evaluated an SDN solution. It was really cool and mostly worked as advertised. But one of the things we uncovered was that it was really immature from an operational perspective. The documentation was non-existent and it wasn’t at all clear how the customer should enable certain features when the product became operational. We had to follow up with the company’s support team, and when we did, it took a while to find the person who had the right answer. Similarly, the product versioning was obscure and releases weren’t well-managed. In short, it was just so immature operationally that we had to give the product a “thumbs’ down” because our customer would not be able to be successful with it given the reality of what they were able to take on operationally.

Where we really shine for our customers is not just defining the “how” of implementing new technology, but the “what” and the “why.” A customer can look at a vendor’s marketing materials, and based on their own plans, figure out how to implement. But they don’t always ask “What are the real benefits to my business?” We often start with the whiteboard and map out the customer’s business objectives. Then we strategize what the overall architecture should be to support those objectives. If our customer is going to spend the money, we want to help them think it through so they’re not moving in the direction of expensive dead-ends. From there, we offer our lab as a vendor-independent place to do POCs and solutions analysis, whether it’s a side-by-side with multiple vendors or simply an in-depth analysis of how the solution will work so the customer knows what to prepare for. And finally, we develop a close partnership with the technologies in our portfolio so we can influence the direction of technologies and have a strong impact in the interoperability and effectiveness of those top technologies on behalf of our customers.

Jamie: Given your networking expertise, what do you look for in network design whether you’re looking at a security technology or otherwise? What do you consider a red flag?

Jeff: I lo